Incorporating Security from the Start for a More Secure Future: Exploring the 'Secure by Design' Initiative and the Ongoing Secure by Design Alert Series | A Conversation with Jack Cable | Redefining CyberSecurity Podcast with Sean Martin

Guest: Jack Cable, Senior Technical Advisor at CISA [@CISAgov]On LinkedIn | https://linkedin.com/in/jackcableOn Twitter | https://twitter.com/jackhcableCISA on LinkedIn | https://www.linkedin.com/company/cisagov/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________This Episode’s SponsorsImperva | https://itspm.ag/imperva277117988Devo | https://itspm.ag/itspdvweb___________________________Episode NotesIn this episode of the Redefining CyberSecurity Podcast, host Sean Martin invites Jack Cable, Senior Technical Advisor at CISA (U.S. Cybersecurity and Infrastructure Security Agency), to discuss the concept of 'Secure by Design' and the importance of incorporating security into the development process of technology products. The episode explores the motivations behind CISA's 'Secure by Design' initiative, which aims to shift the responsibility for cybersecurity from end users to technology manufacturers.During the conversation, Jack highlights the need for long-term investments in cybersecurity and emphasizes the role of business leaders in driving necessary security improvements. The conversation explores the core principles of 'Secure by Design', including technology manufacturers taking ownership of security outcomes for their customers, promoting radical transparency and accountability, and ensuring top business leadership drives security improvements. The episode also touches on the collaboration between CISA and the open-source community to foster greater security improvements in the open-source space.Jack also shares success stories of companies effectively implementing 'Secure by Design' principles and highlights the economic and business factors that will drive a more secure future. The episode concludes with a call-to-action for organizations to adopt the 'Secure by Design' approach and engage with CISA to support the shift towards more secure software.Top Key Insights:The 'Secure by Design' initiative is aiming to shift the burden of cybersecurity from end users to the technology manufacturers, essentially pushing for a more proactive approach to security.Successful adoption of 'Secure by Design' requires buy-in from business leaders who possess the power to allocate budgets and direct the shift towards a secure future, demonstrating that cybersecurity is as much a business issue as a technical one.Collaboration with the open-source community is crucial for improving security in the technology ecosystem. This includes expectaing companies who use open-source software to be responsible consumers and sustainable contributors to the open-source software ecosystem.___________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYqITSPmagazine YouTube Channel:📺 https://www.youtube.com/@itspmagazineBe sure to share and subscribe!___________________________ResourcesInspiring LinkedIn Post: https://www.linkedin.com/posts/jackcable_when-a-new-vulnerability-comes-out-its-activity-7135658158726791168-nz9hSecure by Design Overview: https://www.cisa.gov/securebydesignAlert Series Announcement: https://www.cisa.gov/news-events/news/cisa-announces-secure-design-alert-series-how-vendor-decisions-can-reduce-harm-global-scalePrinciples for Package Repository Security: https://repos.openssf.org/principles-for-package-repository-securityRequest for Information: https://www.federalregister.gov/documents/2023/12/20/2023-27948/request-for-information-on-shifting-the-balance-of-cybersecurity-risk-principles-and-approaches-for___________________________To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-cybersecurity-podcastAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.